Author: Mathias Homann
Date: Feb 24, 2007 04:26
Hi all,
I got me an ipv6 tunnel and a public ipv6 subnet up and running. Now I
need to know what to add to susefirewall2 configuration to make it
secure... What I want: machines inside being able to talk ipv6 to the
world, but machines from the outside shall be allowed only to certain
machines on certain ports (namely, ssh, http and https).
I tried to clone some rules from my regular iptables, but ip6tables
doesn't do state...
I'm totally fine with doing it
in /etc/sysconfig/scripts/SuSEfirewall2-custom; router/firewall is a
10.0 running SuSEfirewall2-3.4-6
Any hints for me?
--
gpg key fingerprint: 5F64 4C92 9B77 DE37 D184 C5F9 B013 44E7 27BD 763C
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@ opensuse.org
For additional commands, e-mail: opensuse-security+help@ opensuse.org
Author: Frank Steiner
Date: Feb 20, 2007 08:24
Marcus Meissner wrote
> SUSE Linux Enterprise 10 + SUSE Linux 10.1 will receive the kernel update
> containing this fix soon. (I expect within this week).
Thanks!
> Note that you need to have NFS exposed to the attacker to make this problematic.
Author: Frank Steiner
Date: Feb 20, 2007 05:04
Hi,
the patch for the NFS bug was released by the -stable team for 2.6.18/19/20.
I'm not sure if earlier versions are not affected or just no longer maintained
by them.
If 2.6.16 is affected, too, is there a planned release date for the
outstanding kernel update that was mentioned in the last summary report?
cu,
Frank
--
Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/
Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/
LMU, Amalienstr. 17 Phone: +49 89 2180-4049
80333 Muenchen, Germany Fax: +49 89 2180-99-4049
* You can only understand recursion once you have understood recursion. *
Author: Dr. Peter Poeml
Date: Feb 19, 2007 00:27
On Fri, Feb 16, 2007 at 12:54:51 +0100, Pavel Chalupa wrote:
> On Friday 16 February 2007 12:33, Dr. Peter Poeml wrote:
>> On Fri, Feb 16, 2007 at 06:32:46 +0100, Pavel Chalupa wrote:
>>> Hello,
>>> can anybody explain to me how much of a security problem it is when I have TRACE
>>> enabled in Apache? I tried to disable it with mod_rewrite inside the
>>> .htaccess file, but it does not work (the "Nikto" scanner says "it's still
>>> TRACE enabled"). I have no access to Apache and can't compile Apache with
>>> TRACE disabled.
>>>
>>> Admin says: it is not dangerous, look at:
>>> http://www.ietf.org/rfc/rfc2616.txt
>>>
>>> But the "Nikto" scanner talks about a 4-year-old security problem:
>>> http://www.cgisecurity.com/whitehat-mirror/WhitePaper_screen.pdf
>>>
>>> Should I worry about TRACE enabled?
>>>
>>> Thanks, Pavel
>> ...
Author: Carlos E. R.
Date: Feb 18, 2007 17:29
The Wednesday 2007-02-14 at 11:40 +0100, Ludwig Nussel wrote:
> Carlos E. R. wrote:
>> The Sunday 2007-02-11 at 12:51 +0100, Ludwig Nussel wrote:
>>> No. As soon as you load loop_fish2 the twofishSL92 format gets used.
>>
>> Very unfortunate.
>>
>> The thing...
Author: Philippe Vogel
Date: Feb 18, 2007 09:55
Pavel Chalupa wrote:
> On Friday 16 February 2007 12:33, Dr. Peter Poeml wrote:
>> On Fri, Feb 16, 2007 at 06:32:46 +0100, Pavel Chalupa wrote:
>>> Hello, can anybody explain me how much security problem...
Author: Pavel Chalupa
Date: Feb 16, 2007 03:54
On Friday 16 February 2007 12:33, Dr. Peter Poeml wrote:
> On Fri, Feb 16, 2007 at 06:32:46 +0100, Pavel Chalupa wrote:
>> Hello,
>> can anybody explain to me how much of a security problem it is when I have TRACE
>> enabled in Apache? I tried to disable it with mod_rewrite inside the
>> .htaccess file, but it does not work (the "Nikto" scanner says "it's still
>> TRACE enabled"). I have no access to Apache and can't compile Apache with
>> TRACE disabled.
>>
>> Admin says: it is not dangerous, look at:
>> http://www.ietf.org/rfc/rfc2616.txt
>>
>> But the "Nikto" scanner talks about a 4-year-old security problem:
>> http://www.cgisecurity.com/whitehat-mirror/WhitePaper_screen.pdf
>>
>> Should I worry about TRACE enabled?
>>
>> Thanks, Pavel
>
> Since 2.1.5, there is TraceEnable. ...
Author: Pavel Chalupa
Date: Feb 15, 2007 21:32
Hello,
can anybody explain to me how much of a security problem it is when I have TRACE enabled
in Apache? I tried to disable it with mod_rewrite inside the .htaccess file,
but it does not work (the "Nikto" scanner says "it's still TRACE enabled"). I have
no access to Apache and can't compile Apache with TRACE disabled.
Admin says: it is not dangerous, look at:
http://www.ietf.org/rfc/rfc2616.txt
But the "Nikto" scanner talks about a 4-year-old security problem:
http://www.cgisecurity.com/whitehat-mirror/WhitePaper_screen.pdf
Should I worry about TRACE enabled?
Thanks, Pavel